Physically man-in-the-middling an IoT device with Linux Bridge
This is a quick writeup of how I did some analysis of an IoT device (The Thing) by physically inserting a Linux box into the network path between The Thing and the network service it consumed. The approach described here involves being physically close to the target system, but it should work equally well1 anywhere there's an Ethernet link along the path between The Thing and it's server.
First, the topology: The Thing is attached to an Ethernet switch and is part of the 192.168.1.0/24 subnet. We'll be physically inserting ourselves into the path of the red cable in this diagram.
 |
| Initial setup |
The first step is to get a dual-homed Linux box into the path. I used an Ubuntu 18.04 machine with the following netplan configuration:
network:
version: 2
renderer: networkd
ethernets:
eth0:
dhcp4: no
eth1:
dhcp4: no
bridges:
br0:
addresses: [192.168.1.2/24]
gateway4: 192.168.1.1
interfaces:
- eth0
- eth1
This configuration defines an internal software-based bridge for handling traffic between The Thing and the switch. Additionally, it creates an IP interface for the Linux host to communicate with neighbors attached to the bridge (everybody on 192.168.1. Continue reading
Samsung Expands 5G Footprint With Videotron
Samsung will provide massive MIMO and dual-band base stations to support the operator’s 4G LTE...
© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.
Google Transfer Service Mitigates Cloud Migration Migraines
Transfer Service aims to removes inherent complexities with large-scale data transfers and moving...
© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.
Heavy Networking 494: Hybrid Cloud Networking – All The Details
Today's Heavy Networking drills into routing complexities and options for hybrid cloud networking. Our guest is William Collins, lead cloud architect at a large healthcare company. He shares his experiences connecting resources on premises to public cloud services. We also discuss the importance of design and governance, and why your networking skills are absolutely critical when it comes to the cloud.
The post Heavy Networking 494: Hybrid Cloud Networking – All The Details appeared first on Packet Pushers.
Amazon Leads Linux Foundation’s Edge NOS Project
DENT will use the Linux Kernel and other Linux-based projects as the basis for the open source NOS,...
© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.
Service to service communication within GKE cluster
In my last blog, I covered options to access GKE services from external world. In this blog, I will cover service to service communication options within GKE cluster. Specifically, I will cover the following options: Cluster IP Internal load balancer(ILB) Http internal load balancer Istio Traffic director In the end, I will also compare these … Continue reading Service to service communication within GKE clusterCiena Chief Calls Infinera 600G Uncompetitive Amid Strong Q4
Amid double-digital growth in 2019, Ciena CEO Gary Smith says Infinera's 600G optics lack the...
© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.
Weekly Wrap: Aviatrix CEO: SD-WAN Is Dead. AWS Killed It
SDxCentral Weekly Wrap for Dec. 13, 2019: AWS' Outposts, Wavelengths are the nail in SD-WAN's...
© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.
Magical Mechanics
If you’re a fan of this blog, you’ve probably read my last post about the new SD-WAN magic quadrant that’s been making the rounds and generating discussion. Some people are smiling that this report places Cisco in an area other than leadership in the SD-WAN space. Others are decrying the report as being unfair and contradictory. I wanted to take another look at it given some new information and some additional thoughts on the results.
Fair and Square
The first thing I wanted to do is make sure that I was completely transparent with the way the Gartner Magic Quadrant (MQ) works. I have a very good idea thanks to a conversation with Andrew Lerner (@Fast_Lerner), who is the Research VP of Networking at Gartner. Andrew was nice enough to clarify my understanding of the MQ and accompanying documentation. I’ll quote him here to make sure I don’t get anything wrong:
In an MQ, we assess the overall vendors’ behavior and offering in the market. Product, service/support sales, marketing, innovation, etc. if a vendor has multiple products in a market and sells them regularly to the enterprise, they are part of the MQ assessment. Viable products are not Continue reading
Announcing project DENT
We are excited to announce that Cumulus is joining project DENT!
Project DENT is a huge step for the industry, taking both open networking and Linux networking forward. DENT will help grow the community of open Linux networking vendors and partners, and Cumulus Networks is pleased to be part of this project that aligns with our core values and strengths. We strongly believe in mass innovation with open Linux software, platforms and the Linux community.
Linux ecosystem players have historically benefited from mass innovation. By bringing together vendors, distributors, system integrators and users, DENT enables distributed development and support for open Linux networking operating system for campus and remote networking. We believe this will enable networking hardware vendors to leverage the same benefits that all Linux hardware technologies do today: Open Linux firmware management, platform driver infrastructure, network interface management and Linux tools and ecosystem.
The Cumulus Linux connection
Cumulus Linux is based on the same foundational principles as project DENT with the goal of unifying Networking across distributed systems. This unification comes from its native Linux platform and networking API. Today’s technologies powering hybrid cloud and on-prem infrastructure are distributed systems technologies. Networking is fundamental to distributed systems. Uniformity Continue reading
Video: FRRouting Overview
In October 2019, Donald Sharp did a short webinar describing FRRouting, the hottest open-source routing suite.
As always, he started with an overview of what FRRouting is, and where you could use it.
You need Free ipSpace.net Subscription to watch the video.
Atlassian Forge Serves an AWS Lambda-Based Serverless Option
The platform includes Atlassian-operated compute and storage, a declarative UI language that allows...
© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.
Cisco Paints 5G Strategy Around Optics, Packet Core
“We helped build the first version of the internet, the internet gave birth to the cloud, and now...
© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.
Five Ways to Quickly Uncover Malicious Activity and Protect Your Kubernetes Workloads
Organizations are rapidly moving more and more mission-critical applications to Kubernetes (K8s) and the cloud to reduce costs, achieve faster deployment times, and improve operational efficiencies, but are struggling to achieve a strong security posture because of their inability to apply conventional security practices in the cloud environment. Commitment to cloud security grows, but security safeguards are not keeping up with the increased use of the various cloud platforms. Regardless of the cloud provider or service model, individual organizations are ultimately responsible for the security of their data.
According to a 2019 Ponemon Institute Global Cloud Data Security Study, 70 percent of respondents find it more complex to manage privacy and data protection regulations in a cloud environment than on-premises. Meanwhile, the percent of corporate data stored in the cloud environment has grown from an average of 30 percent in 2015 to an average of 48 percent in 2019. In the same study, 56 percent of respondents say the use of cloud resources increases compliance risk.
The downside associated with a security breach is severe for any organization, but especially so for companies in regulated environments like financial services, healthcare and telecommunications. Now there’s a new and highly effective way Continue reading